Hello, how would I go about requiring HTTP basic auth on browse
's directory listings, while leaving the files themselves accessible without auth?
I have tried to use rewriting and proxying to “fall back” to another port on which I have browse
and basicauth
enabled but it seems the rewriting happens after the proxy’s base path is matched, or mismatched in this case, and the alternate port never recieves a request
example.com {
root /srv/http/images
rewrite {
if {path} ends_with /
to {path} /idx{path}
}
proxy /idx http://127.0.0.1:15317 {
without /idx
}
}
http://127.0.0.1:15317 {
root /srv/http/images
browse /
basicauth / codl hunter2
}
Hi @codl,
For reference, the current order of execution of directives is here:
rewrite
does happen before basicauth
, which happens before proxy
.
You can use log / access.log "{common} /// {rewrite_uri}"
, which will log the result of the rewrite so you can compare it with what you expect for any given request.
I note that to {path} /idx{path}
means that a request for a folder that DOES exist on disk will be rewritten to {path}
, because it exists, rather than /idx{path}
(the log
directive will likely confirm this with some quick tests). I suspect you’d rather it rewrite existing directories to the proxy, so you could probably just remove the first {path}
.
Thank you! This did the trick
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.